//package com.hwbsite.hwbback.config;
//
//import com.hwbsite.hwbback.consstants.CacheConstants;
//import com.hwbsite.hwbback.entity.HwbUser;
//import com.hwbsite.hwbback.service.UserDetailsServiceImpl;
//import lombok.RequiredArgsConstructor;
//import lombok.SneakyThrows;
//import org.springframework.core.io.ClassPathResource;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.data.redis.connection.RedisConnectionFactory;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
//import org.springframework.security.oauth2.common.OAuth2AccessToken;
//import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
//import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
//import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
//import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
//import org.springframework.security.oauth2.provider.ClientDetailsService;
//import org.springframework.security.oauth2.provider.OAuth2Authentication;
//import org.springframework.security.oauth2.provider.token.TokenStore;
//import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
//import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
//import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
//
//import javax.sql.DataSource;
//import java.util.HashMap;
//import java.util.Map;
//
//@Configuration
//@RequiredArgsConstructor
//@EnableAuthorizationServer
//public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
//
//    private final DataSource dataSource;
//    private final RedisConnectionFactory redisConnectionFactory;
//    private final AuthenticationManager authenticationManager;
//    private final UserDetailsServiceImpl userDetailsService;
//
//    @Override
//    @SneakyThrows
//    public void configure(ClientDetailsServiceConfigurer clients) {
//        clients.withClientDetails(hwbClientDetailsService());
//    }
//
//    @Override
//    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
//        oauthServer.allowFormAuthenticationForClients()
//                .passwordEncoder(new BCryptPasswordEncoder()).tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
//    }
//
//    @Override
//    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
////        endpoints.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
////                .tokenStore(tokenStore()).userDetailsService(userByPhone).tokenEnhancer(accessTokenConverter())
////                .authenticationManager(authenticationManager);
//
//        endpoints.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST).accessTokenConverter(accessTokenConverter())
//                .authenticationManager(authenticationManager)//认证管理器
//                .tokenStore(tokenStore())//令牌存储
//                .reuseRefreshTokens(false).userDetailsService(userDetailsService);
//    }
//
//
//    @Bean
//    public JwtAccessTokenConverter accessTokenConverter() {
//
//        JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter() {
//            /**
//             * 重写增强token的方法
//             * 自定义返回相应的信息
//             *
//             */
//
//            @Override
//            public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
//
//                if (CacheConstants.CLIENT_CREDENTIALS.equals(authentication.getOAuth2Request().getGrantType())) {
//                    return super.enhance(accessToken, authentication);
//                }
//
////                String userName = authentication.getUserAuthentication().getName();
//                // 与登录时候放进去的UserDetail实现类一直查看link{SecurityConfiguration}
//                HwbUser user = (HwbUser) authentication.getUserAuthentication().getPrincipal();
//                /** 自定义一些token属性 ***/
//                final Map<String, Object> additionalInformation = new HashMap<>();
//                additionalInformation.put("user_id", user.getUserId());
//                ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInformation);
//                OAuth2AccessToken enhancedToken = super.enhance(accessToken, authentication);
//                return enhancedToken;
//            }
//
//        };
//        accessTokenConverter.setKeyPair(
//                new KeyStoreKeyFactory(new ClassPathResource("keystore.jks"), "hwbpass".toCharArray()).getKeyPair("hwbkey")
//        );
//        return accessTokenConverter;
//
//    }
//
//
//    @Bean
//    public ClientDetailsService hwbClientDetailsService() {
//        HwbClientDetailsService clientDetailsService = new HwbClientDetailsService(dataSource);
//        return clientDetailsService;
//    }
//
//    @Bean
//    public TokenStore tokenStore() {
//        RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
//        tokenStore.setPrefix(CacheConstants.OAUTH_PREFIX);
//        return tokenStore;
//    }
//
//}
//
